Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:ADOBE:PDF-JPXDECODE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Adobe PDF JPXDecode Vulnerability |
Release Date |
2010/01/20 |
Update Number |
1590 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Adobe PDF JPXDecode Vulnerability
This signature detects attempts to exploit a known vulnerability in Adobe Acrobat software. Attackers can send malicious PDF files to victims or direct them to a hostile Web server, which if the victim interacts with these files or servers, can result in remote code execution on the victim's system.
Extended Description
Adobe Reader and Acrobat are prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it.
Affected Products
- Adobe acrobat 6.0.1
- Adobe acrobat 7.0.9
- Adobe acrobat 9.1.1
- Adobe acrobat 9.2
- Adobe acrobat_professional 8.0
- Adobe acrobat_professional 8.1
- Adobe acrobat_professional 8.1.1
- Adobe acrobat_professional 8.1.2
- Adobe acrobat_professional 8.1.3
- Adobe acrobat_professional 8.1.4
- Adobe acrobat_professional 8.1.6
- Adobe acrobat_professional 8.1.7
- Adobe acrobat_professional 9
- Adobe acrobat_professional 9.1
- Adobe acrobat_professional 9.1.2
- Adobe acrobat_professional 9.1.3
- Adobe acrobat_professional 9.2
- Adobe acrobat_standard 8.0
- Adobe acrobat_standard 8.1
- Adobe acrobat_standard 8.1.1
- Adobe acrobat_standard 8.1.2
- Adobe acrobat_standard 8.1.3
- Adobe acrobat_standard 8.1.4
- Adobe acrobat_standard 8.1.6
- Adobe acrobat_standard 8.1.7
- Adobe acrobat_standard 9
- Adobe acrobat_standard 9.1
- Adobe acrobat_standard 9.1.2
- Adobe acrobat_standard 9.1.3
- Adobe acrobat_standard 9.2
- Adobe reader 6.0.1
- Adobe reader 7.0.9
- Adobe reader 8.0
- Adobe reader 8.1
- Adobe reader 8.1.1
- Adobe reader 8.1.2
- Adobe reader 8.1.3
- Adobe reader 8.1.4
- Adobe reader 8.1.5
- Adobe reader 8.1.6
- Adobe reader 8.1.7
- Adobe reader 9
- Adobe reader 9.1
- Adobe reader 9.1.1
- Adobe reader 9.1.2
- Adobe reader 9.1.3
- Adobe reader 9.2
- Nortel_networks callpilot 1002Rp
- Nortel_networks callpilot 1005R
- Nortel_networks callpilot 200I
- Nortel_networks callpilot 201I
- Nortel_networks callpilot 600R
- Nortel_networks callpilot 703T
- Nortel_networks self-service_media_processing_server
- Nortel_networks self-service_mps_1000
- Nortel_networks self-service_mps_500
- Nortel_networks self-service_peri_application
- Nortel_networks self-service_speech_server
- Red_hat desktop_extras 3
- Red_hat desktop_extras 4
- Red_hat enterprise_linux_as_extras 3
- Red_hat enterprise_linux_as_extras 4
- Red_hat enterprise_linux_desktop_supplementary 5 Client
- Red_hat enterprise_linux_es_extras 3
- Red_hat enterprise_linux_es_extras 4
- Red_hat enterprise_linux_extras 3
- Red_hat enterprise_linux_extras 4
- Red_hat enterprise_linux_supplementary 5 Server
- Red_hat enterprise_linux_ws_extras 3
- Red_hat enterprise_linux_ws_extras 4
- Suse opensuse 11.0
- Suse opensuse 11.1
- Suse opensuse 11.2
- Suse suse_linux_enterprise 10 SP2
- Suse suse_linux_enterprise 10 SP3
- Suse suse_linux_enterprise_desktop 11
References
- BugTraq: 37757
- CVE: CVE-2009-3955